We help IT Professionals succeed at work.
Get Started
Can not enter ' in the string to store into sql server database using vb.net
Hello all,
i am using vb.net to enter some information in sql server databse. using below code everthig works fine. but if we enter single inverted coma (') in the tex box or in rich text box then it is giving me sql error "SQL error Unclosed quotation mark before the character string" Please help me out to find solution for this one.
Dim cnSQL = New SqlClient.SqlConnection
cnSQL.ConnectionString = "workstation id=STATH26;packet size=4096;user id=sysop;data source=ACAD-IMAGE; persist security info=True; initial catalog=AcadAdmin;password
Dim cmSQL As SqlClient.SqlCommand
Dim strSQL As String
cnSQL.Open()
Try
strSQL = "INSERT INTO dbo.TechProject(Name, [Project Name], Priority, Description, [Start Date], [Est End Date], [Date Completed], Completed)VALUES('" & TName.Text & "', '" & TProjectName.Text & "' , '" & CBPriority.SelectedItem & " ','" & RTDescription.Text & "', '" & DTStartDate.Value & "','" & DTEstEndDate.Value & "','" & DTDateCompleted.Value & "','" & CBCompleted.SelectedItem & "')"
cmSQL = New SqlClient.SqlCommand(strSQ
cmSQL.ExecuteNonQuery()
' Close and Clean up objects
MsgBox("Data Saved Successfully")
cnSQL.Close()
cmSQL.Dispose()
cnSQL.Dispose()
Me.Close()
Catch Exp As SqlClient.SqlException
MsgBox(Exp.Message, MsgBoxStyle.Critical, "SQL Error")
Catch Exp As Exception
MsgBox(Exp.Message, MsgBoxStyle.Critical, "General Error")
End Try
i am using vb.net to enter some information in sql server databse. using below code everthig works fine. but if we enter single inverted coma (') in the tex box or in rich text box then it is giving me sql error "SQL error Unclosed quotation mark before the character string" Please help me out to find solution for this one.
Dim cnSQL = New SqlClient.SqlConnection
cnSQL.ConnectionString = "workstation id=STATH26;packet size=4096;user id=sysop;data source=ACAD-IMAGE; persist security info=True; initial catalog=AcadAdmin;password
Dim cmSQL As SqlClient.SqlCommand
Dim strSQL As String
cnSQL.Open()
Try
strSQL = "INSERT INTO dbo.TechProject(Name, [Project Name], Priority, Description, [Start Date], [Est End Date], [Date Completed], Completed)VALUES('" & TName.Text & "', '" & TProjectName.Text & "' , '" & CBPriority.SelectedItem & " ','" & RTDescription.Text & "', '" & DTStartDate.Value & "','" & DTEstEndDate.Value & "','" & DTDateCompleted.Value & "','" & CBCompleted.SelectedItem & "')"
cmSQL = New SqlClient.SqlCommand(strSQ
cmSQL.ExecuteNonQuery()
' Close and Clean up objects
MsgBox("Data Saved Successfully")
cnSQL.Close()
cmSQL.Dispose()
cnSQL.Dispose()
Me.Close()
Catch Exp As SqlClient.SqlException
MsgBox(Exp.Message, MsgBoxStyle.Critical, "SQL Error")
Catch Exp As Exception
MsgBox(Exp.Message, MsgBoxStyle.Critical, "General Error")
End Try
Why Experts Exchange?
Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.
Jim Murphy
Programmer at Smart IT Solutions
When asked, what has been your best career decision?
Deciding to stick with EE.
Mohamed Asif
Technical Department Head
Being involved with EE helped me to grow personally and professionally.
Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question
Connect with Certified Experts to gain insight and support on specific technology challenges including:
- Troubleshooting
- Research
- Professional Opinions
Did You Know?
We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE